- ActivityPub S2S: remote user deletions now work the same as local user deletions.
- Not being able to access the Mastodon FE login page on private instances
- Invalid SemVer version generation, when the current branch does not have commits ahead of tag/checked out on a tag
+- Pleroma.Upload base_url was not automatically whitelisted by MediaProxy. Now your custom CDN or file hosting will be accessed directly as expected.
### Added
- MRF: Support for priming the mediaproxy cache (`Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`)
defmodule Pleroma.Web.MediaProxy do
alias Pleroma.Config
+ alias Pleroma.Upload
alias Pleroma.Web
@base64_opts [padding: false]
defp whitelisted?(url) do
%{host: domain} = URI.parse(url)
- Enum.any?(Config.get([:media_proxy, :whitelist]), fn pattern ->
+ mediaproxy_whitelist = Config.get([:media_proxy, :whitelist])
+
+ upload_base_url_domain =
+ if !is_nil(Config.get([Upload, :base_url])) do
+ [URI.parse(Config.get([Upload, :base_url])).host]
+ else
+ []
+ end
+
+ whitelist = mediaproxy_whitelist ++ upload_base_url_domain
+
+ Enum.any?(whitelist, fn pattern ->
String.equivalent?(domain, pattern)
end)
end
object = Repo.get(Object, media["id"])
assert object.data["actor"] == User.ap_id(conn.assigns[:user])
end
-
- test "returns proxied url when media proxy is enabled", %{conn: conn, image: image} do
- Pleroma.Config.put([Pleroma.Upload, :base_url], "https://media.pleroma.social")
-
- proxy_url = "https://cache.pleroma.social"
- Pleroma.Config.put([:media_proxy, :enabled], true)
- Pleroma.Config.put([:media_proxy, :base_url], proxy_url)
-
- media =
- conn
- |> post("/api/v1/media", %{"file" => image})
- |> json_response(:ok)
-
- assert String.starts_with?(media["url"], proxy_url)
- end
-
- test "returns media url when proxy is enabled but media url is whitelisted", %{
- conn: conn,
- image: image
- } do
- media_url = "https://media.pleroma.social"
- Pleroma.Config.put([Pleroma.Upload, :base_url], media_url)
-
- Pleroma.Config.put([:media_proxy, :enabled], true)
- Pleroma.Config.put([:media_proxy, :base_url], "https://cache.pleroma.social")
- Pleroma.Config.put([:media_proxy, :whitelist], ["media.pleroma.social"])
-
- media =
- conn
- |> post("/api/v1/media", %{"file" => image})
- |> json_response(:ok)
-
- assert String.starts_with?(media["url"], media_url)
- end
end
describe "locked accounts" do
encoded = url(url)
assert decode_result(encoded) == url
end
-
- test "does not change whitelisted urls" do
- upload_config = Pleroma.Config.get([Pleroma.Upload])
- media_url = "https://media.pleroma.social"
- Pleroma.Config.put([Pleroma.Upload, :base_url], media_url)
- Pleroma.Config.put([:media_proxy, :whitelist], ["media.pleroma.social"])
- Pleroma.Config.put([:media_proxy, :base_url], "https://cache.pleroma.social")
-
- url = "#{media_url}/static/logo.png"
- encoded = url(url)
-
- assert String.starts_with?(encoded, media_url)
-
- Pleroma.Config.put([Pleroma.Upload], upload_config)
- end
end
describe "when disabled" do
decoded
end
- test "mediaproxy whitelist" do
- Pleroma.Config.put([:media_proxy, :enabled], true)
- Pleroma.Config.put([:media_proxy, :whitelist], ["google.com", "feld.me"])
- url = "https://feld.me/foo.png"
+ describe "whitelist" do
+ setup do
+ Pleroma.Config.put([:media_proxy, :enabled], true)
+ :ok
+ end
+
+ test "mediaproxy whitelist" do
+ Pleroma.Config.put([:media_proxy, :whitelist], ["google.com", "feld.me"])
+ url = "https://feld.me/foo.png"
+
+ unencoded = url(url)
+ assert unencoded == url
+ end
+
+ test "does not change whitelisted urls" do
+ Pleroma.Config.put([:media_proxy, :whitelist], ["mycdn.akamai.com"])
+ Pleroma.Config.put([:media_proxy, :base_url], "https://cache.pleroma.social")
+
+ media_url = "https://mycdn.akamai.com"
- unencoded = url(url)
- assert unencoded == url
+ url = "#{media_url}/static/logo.png"
+ encoded = url(url)
+
+ assert String.starts_with?(encoded, media_url)
+ end
+
+ test "ensure Pleroma.Upload base_url is always whitelisted" do
+ upload_config = Pleroma.Config.get([Pleroma.Upload])
+ media_url = "https://media.pleroma.social"
+ Pleroma.Config.put([Pleroma.Upload, :base_url], media_url)
+
+ url = "#{media_url}/static/logo.png"
+ encoded = url(url)
+
+ assert String.starts_with?(encoded, media_url)
+
+ Pleroma.Config.put([Pleroma.Upload], upload_config)
+ end
end
end
projects / akkoma / commitdiff